mambo -- "register_globals" emulation layer overwrite vulnerability

ID FFB82D3A-610F-11DA-8823-00123FFE8333
Type freebsd
Reporter FreeBSD
Modified 2005-11-17T00:00:00


A Secunia Advisory reports:

peter MC tachatte has discovered a vulnerability in Mambo, which can be exploited by malicious people to manipulate certain information and compromise a vulnerable system. The vulnerability is caused due to an error in the "register_globals" emulation layer in "globals.php" where certain arrays used by the system can be overwritten. This can be exploited to include arbitrary files from external and local resources via the "mosConfig_absolute_path" parameter. Successful exploitation requires that "register_globals" is disabled.
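For detection, the following sketch scans web server access logs for requests that set the "mosConfig_absolute_path" parameter named in the advisory. It is an added example, not code from Secunia, FreeBSD or Mambo; the Common Log Format layout, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Parameter named in the advisory; compared case-insensitively.
PARAM = "mosconfig_absolute_path"

# Assumed layout: Common Log Format, request field "METHOD target HTTP/x.y".
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:[A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample log lines (documentation addresses, placeholder hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [17/Nov/2005:10:00:01 +0000] '
    '"GET /index.php?option=com_content&task=view&id=3 HTTP/1.1" 200 8120',
    '203.0.113.5 - - [17/Nov/2005:10:00:07 +0000] '
    '"GET /index.php?option=com_content&mosConfig_absolute_path='
    'http://host.invalid/a.txt HTTP/1.0" 200 512',
    '203.0.113.5 - - [17/Nov/2005:10:00:09 +0000] '
    '"GET /index.php?mosConfig%5Fabsolute%5Fpath=/tmp/upload HTTP/1.0" 200 301',
]


def classify(value):
    """A value with a URL scheme points at an external resource, else a local one."""
    return "remote" if re.match(r"^[a-z][a-z0-9+.-]*://", value, re.I) else "local"


def scan(lines):
    """Return (client, status, kind, value) for each request setting the parameter."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        client, target, status = m.groups()
        for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            # parse_qsl percent-decodes once; decode again to catch double encoding.
            # Substring match also catches the name wrapped in array syntax.
            if PARAM in unquote(name).lower():
                value = unquote(value)
                hits.append((client, int(status), classify(value), value))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Access logs normally record only the query string, so a parameter sent in a POST body or cookie is not visible to this scan and needs request-body logging or a WAF rule instead.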